Overview#NTLMv1 LM Hash LAN Manager (LM) hashes are derived from the user password. Legacy support for LM hashes and the LAN Manager authentication protocol remains in the NTLM protocol suite. Default configurations in Windows and Microsoft security guidance have discouraged its use.
The security of NTLMv1 has been severely compromised and is considered Cryptographically Weak and lacks Collision Resistance.
NTLMv1 (LM hashes) inherently are more vulnerable to attacks because:
- LM hashes require a password to be less than 15 characters long and they contain only ASCII characters.
- LM hashes do not differentiate between uppercase and lowercase letters.